Reklamy sale charger (logi z FRST)


(Pirekucac) #1

Witajcie,

 

mam problem z reklamami ('Sale Charger').

Oto logi:

http://www.wklej.org/id/1768512/ FRST

http://www.wklej.org/id/1768513/ Addition

http://www.wklej.org/id/1768514/ Shortcut

 

Uprzejmie proszę o pomoc,

pozdrawiam!


(Atis) #2

Wklej do systemowego notatnika i zapisz jako plik tekstowy o nazwie fixlist :

HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR Extension: (Sale Charger) - C:\Users\Arkadiusz\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgfkibkmennbfadphcpjejdpfaeaenh [2015-06-13]
CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx
S2 Update Hold Page; "C:\Program Files (x86)\Hold Page\updateHoldPage.exe" [X]
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S0 BTATH_BUS; System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
2015-08-04 14:54 - 2015-08-04 20:39 - 00000000 ____ D C:\AdwCleaner
2015-07-12 20:58 - 2015-06-10 15:32 - 00000000 ____ D C:\ProgramData\TEMP
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Arkadiusz\AppData\Roaming\KVYeQDJkeZ0
C:\Users\Arkadiusz\AppData\Local\*.tmp
Task: {1A324236-BB58-4480-B5FE-47BDFB1CA6F7} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {205773C7-9E14-47C8-9B7B-EECA49B38346} - \{47141CAB-53E8-4319-BCA2-9D61D4B1729C} No Task File <==== ATTENTION
Task: {4388BE3B-D979-4764-B024-699ABFC98DCD} - \RTKCPL No Task File <==== ATTENTION
Task: {4C4095E5-076A-424B-94FF-AD41E8AC34D7} - \avastBCLRestartS-1-5-21-1978749578-1711153119-3368879850-1001 No Task File <==== ATTENTION
Task: {67788D39-4E62-49D5-AEF5-E6349280B2AC} - \HPCustParticipation HP Deskjet 1510 series No Task File <==== ATTENTION
Task: {92863907-3D6D-4727-A445-2ABC7F1835AA} - \ASUS Smart Gesture Launcher No Task File <==== ATTENTION
Task: {95CB942F-D75F-4516-832F-C1A68A47967D} - \Optimize Start Menu Cache Files-S-1-5-21-1978749578-1711153119-3368879850-500 No Task File <==== ATTENTION
Task: {A3EA7131-9028-40CB-8F62-F2F916CBA24B} - \RtHDVBg No Task File <==== ATTENTION
Task: {EC3DD7EB-7480-475C-8354-60B50BD96914} - \ATK Package 36D18D69AFC3 No Task File <==== ATTENTION
EmptyTemp:

Uruchom FRST i kliknij Fix. Pokaż raport z usuwania Fixlog.

Kliknij Scan i pokaż nowy raport z FRST bez Addition i Shortcut.